Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911F7D0/66A29982131411E9834F773BC4F9AE02/1BFF84B0131611E991379440C4F9AE02.roa
File: 1BFF84B0131611E991379440C4F9AE02.roa (raw, json)
Hash identifier: 9v5xAom6t8Cg5dPY2+UVNWnLY+IwQ2L6vmEfACxJwlI=
Subject key identifier: 78:95:5F:77:E6:39:13:D4:75:B8:15:22:DB:8E:E0:12:F7:39:2B:A6
Certificate issuer: /CN=A911F7D0/serialNumber=65FCD1F274D3E7D58E4D0CA28558D34B6B152D67
Certificate serial: 10E9
Authority key identifier: 65:FC:D1:F2:74:D3:E7:D5:8E:4D:0C:A2:85:58:D3:4B:6B:15:2D:67
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZfzR8nTT59WOTQyihVjTS2sVLWc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911F7D0/66A29982131411E9834F773BC4F9AE02/1BFF84B0131611E991379440C4F9AE02.roa
Signing time: Sat 22 Feb 2025 17:55:30 +0000
ROA not before: Sat 22 Feb 2025 17:55:30 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 138540
IP address blocks: 103.132.125.0/24 maxlen: 24
103.138.95.0/24 maxlen: 24
2001:df7:7d00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911F7D0/66A29982131411E9834F773BC4F9AE02/ZfzR8nTT59WOTQyihVjTS2sVLWc.crl
rsync://rpki.apnic.net/member_repository/A911F7D0/66A29982131411E9834F773BC4F9AE02/ZfzR8nTT59WOTQyihVjTS2sVLWc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZfzR8nTT59WOTQyihVjTS2sVLWc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 17:13:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4329 (0x10e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911F7D0, serialNumber=65FCD1F274D3E7D58E4D0CA28558D34B6B152D67
Validity
Not Before: Feb 22 17:55:30 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67ba0f91-f1db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:93:8c:77:35:15:3c:c0:bb:34:e1:41:85:94:
b3:ca:53:d1:3e:63:ff:43:33:95:ee:df:01:1a:96:
68:29:99:83:af:96:2d:07:ef:6e:4f:8c:db:50:0d:
c2:4f:61:36:0a:2e:48:5b:3a:5d:7b:b2:fb:c9:fe:
9e:ef:d9:0b:88:aa:2f:ec:10:5a:f7:d4:f3:a2:36:
b2:41:2c:2c:1b:d4:3e:6b:88:b3:48:a0:f3:3d:4c:
44:b4:41:d4:70:84:02:bf:be:0c:99:9d:21:a5:9c:
c7:f4:61:bf:ff:ad:8c:66:f0:05:cf:b9:95:6f:98:
bf:85:57:38:31:93:dc:8d:40:15:cf:46:6f:4b:11:
43:ac:35:ed:9e:57:bc:1b:28:85:9b:d1:85:4b:72:
ae:48:d5:74:8e:57:f3:c0:1d:2c:6b:3d:1f:5d:97:
57:14:34:82:47:f4:57:51:87:23:5c:11:f1:40:4e:
06:54:66:c4:fe:a3:8c:b4:5e:28:25:1a:7f:60:a4:
61:38:3b:ee:c9:70:1f:60:48:e3:a2:54:d5:7a:69:
0f:a5:0e:76:d9:e2:b3:01:af:8c:52:6a:77:84:f3:
bf:0d:fb:b4:6b:3c:ca:5b:c2:49:08:c4:06:fa:dc:
20:80:34:18:08:31:2d:d0:1e:ec:b2:54:b3:84:8f:
94:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:95:5F:77:E6:39:13:D4:75:B8:15:22:DB:8E:E0:12:F7:39:2B:A6
X509v3 Authority Key Identifier:
keyid:65:FC:D1:F2:74:D3:E7:D5:8E:4D:0C:A2:85:58:D3:4B:6B:15:2D:67
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911F7D0/66A29982131411E9834F773BC4F9AE02/ZfzR8nTT59WOTQyihVjTS2sVLWc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZfzR8nTT59WOTQyihVjTS2sVLWc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911F7D0/66A29982131411E9834F773BC4F9AE02/1BFF84B0131611E991379440C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.132.125.0/24
103.138.95.0/24
IPv6:
2001:df7:7d00::/48
Signature Algorithm: sha256WithRSAEncryption
0e:5f:7c:2a:e0:56:93:20:19:f5:67:e1:00:2f:f2:a6:93:9d:
c1:26:52:21:a0:05:93:a0:bc:6b:e4:b7:1e:77:6f:9b:b0:1d:
24:72:64:9e:66:85:6a:2a:18:4a:15:20:ec:84:29:27:37:06:
75:9c:7f:e3:32:6c:6a:75:e7:17:6c:41:38:af:29:e8:dc:fb:
6f:38:c3:c7:f4:3b:7d:1b:ff:7c:f1:fa:4c:a4:2a:e1:a4:40:
a9:9e:71:fe:e5:bc:fe:f1:c3:6e:e0:70:4f:c8:b2:2f:f9:ab:
f8:45:d4:20:e4:2f:aa:26:56:5b:7c:91:b3:31:38:86:d3:1c:
fb:d4:70:87:f6:88:ef:3b:41:0c:24:9c:70:89:b2:1b:41:c5:
95:4a:f8:08:27:5f:07:0e:61:ce:b7:3b:c8:3e:df:ea:e9:21:
9a:1a:0c:86:8a:1a:ad:86:93:c5:24:fa:f9:27:61:10:07:20:
96:d6:3e:14:e4:ef:e8:b3:c1:51:2f:3a:17:8c:bc:76:31:d2:
a1:68:de:57:52:92:ad:cf:97:96:c8:b9:bd:cf:6f:7a:88:74:
da:5d:84:e6:ae:c2:aa:d7:0b:b4:d8:08:a8:26:46:78:20:92:
12:58:41:79:2c:aa:41:40:5d:bc:93:3b:9e:85:a4:16:fa:eb:
8c:a1:db:2c
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICEOkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUY3RDAxMTAvBgNVBAUTKDY1RkNEMUYyNzREM0U3RDU4RTREMENBMjg1NThEMzRC
NkIxNTJENjcwHhcNMjUwMjIyMTc1NTMwWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2JhMGY5MS1mMWRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtJOMdzUVPMC7NOFBhZSzylPRPmP/QzOV7t8BGpZoKZmDr5YtB+9uT4zbUA3C
T2E2Ci5IWzpde7L7yf6e79kLiKov7BBa99TzojayQSwsG9Q+a4izSKDzPUxEtEHU
cIQCv74MmZ0hpZzH9GG//62MZvAFz7mVb5i/hVc4MZPcjUAVz0ZvSxFDrDXtnle8
GyiFm9GFS3KuSNV0jlfzwB0saz0fXZdXFDSCR/RXUYcjXBHxQE4GVGbE/qOMtF4o
JRp/YKRhODvuyXAfYEjjolTVemkPpQ522eKzAa+MUmp3hPO/Dfu0azzKW8JJCMQG
+twggDQYCDEt0B7sslSzhI+UMQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFHiVX3fm
ORPUdbgVItuO4BL3OSumMB8GA1UdIwQYMBaAFGX80fJ00+fVjk0MooVY00trFS1n
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRjdEMC82NkEyOTk4MjEz
MTQxMUU5ODM0Rjc3M0JDNEY5QUUwMi9aZnpSOG5UVDU5V09UUXlpaFZqVFMyc1ZM
V2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pmelI4blRUNTlXT1RReWloVmpUUzJzVkxXYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUY3RDAvNjZBMjk5ODIxMzE0MTFFOTgzNEY3NzNCQzRGOUFFMDIvMUJGRjg0QjAx
MzE2MTFFOTkxMzc5NDQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBABnhH0DBABnil8wDwQCAAIwCQMHACABDfd9ADANBgkqhkiG
9w0BAQsFAAOCAQEADl98KuBWkyAZ9WfhAC/yppOdwSZSIaAFk6C8a+S3Hndvm7Ad
JHJknmaFaioYShUg7IQpJzcGdZx/4zJsanXnF2xBOK8p6Nz7bzjDx/Q7fRv/fPH6
TKQq4aRAqZ5x/uW8/vHDbuBwT8iyL/mr+EXUIOQvqiZWW3yRszE4htMc+9Rwh/aI
7ztBDCSccImyG0HFlUr4CCdfBw5hzrc7yD7f6ukhmhoMhooarYaTxST6+SdhEAcg
ltY+FOTv6LPBUS86F4y8djHSoWjeV1KSrc+Xlsi5vc9veoh02l2E5q7CqtcLtNgI
qCZGeCCSElhBeSyqQUBdvJM7noWkFvrrjKHbLA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 01:35:57 2025 by rpki-client